Some Useful Tools.
- man
- su
- ps
- find
- egrep
- df/du
- vi (or emacs) editor
- Bourne Shell (/bin/sh) or Korn Shell (/bin/ksh)
- make
Table 1: Unix Manual Sections
-------------------------------------------------------------
Contents                                  BSD        System V
                                          Sections   Sections
-------------------------------------------------------------
User Commands                             1          1
System Calls                              2          2
C and other library routines              3          3
Special files, device drivers, hardware   4          7
Configuration files                       5          4
Games                                     6          6 or 1 or NA
Miscellaneous commands                    7          5
Administration commands                   8          1M
Maintenance commands                      8          8
Local commands                            l          l
-------------------------------------------------------------
Common ps options (System V):
- -e print all processes
- -f print full listing
- -l long listing (more info than -f)
Meaning of full listing columns:
- S state
- PRI priority
- SZ total size (in 4096 byte pages) of the process
- RSS total resident size (in pages) of the process
- STIME starting time
- TIME cumulative execution time
Common ps options (BSD):
- -a print all processes involving terminals
- -e print environment and arguments
- -l long listing
- -u print user information
- -x include processes with no terminals
Meaning of user information columns:
- %CPU percentage use of CPU
- SZ total size (in 1024 byte pages) of the process
- RSS total resident size (in pages) of the process
- STAT state of the process
- TIME time, including both user and system time
Here is an example of the output of ps under SunOS (System V style).
# find starting-dir(s) matching-criteria-and-actions
Matching criteria
- -atime n file was accessed n days ago
- -mtime n file was modified n days ago
- -size n file is exactly n 512-byte blocks
- -type c file type (e.g., f=plain, d=dir)
- -name nam file name (e.g., `*.c')
- -user usr file's owner is usr
- -perm p file's access mode is p
Actions
- -print display pathname
- -exec cmd execute command ({} expands to file)
# find . -name \*.c -print
# find / -size +1000 -mtime +30 \
-exec ls -l {} \;
# find / \( -name a.out -o -name core \
-o -name '#*#' \) -type f -atime +14 \
-exec rm -f {} \; -o -fstype nfs -prune
(Removes unnecessary files that are more than two weeks old, but doesn't descend into NFS-mounted file systems while searching)
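# find / \( -perm -2000 -o -perm -4000 \) \
-print | diff - files.secure
(Compares the names of all files that have SUID or SGID permissions against a pre-defined list of files. The leading - makes -perm match any file with at least those bits set, rather than only files whose mode is exactly 2000 or 4000.)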
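The SUID/SGID baseline check above, worked out as a small script. This is an added example, not part of the original course notes: the function names and the demo tree are assumptions, and files.secure is the baseline name used on this page. It sorts both lists so the comparison does not depend on find's traversal order.

```shell
#!/bin/sh
# Added example: SUID/SGID baseline audit (function names are hypothetical).

# List every regular file under $1 with the setuid (4000) or setgid (2000) bit.
# "-perm -4000" means "at least these bits"; a bare "-perm 4000" matches only
# mode exactly 4000 and so misses an ordinary 4755 binary.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | LC_ALL=C sort
}

# Compare the current list under $1 against baseline file $2.
# Prints "NEW <path>" for files missing from the baseline and "GONE <path>"
# for baseline entries no longer found. Returns 1 if anything differs.
audit_setid() {
    cur=$(mktemp) && base=$(mktemp) || return 2
    list_setid "$1" > "$cur"
    LC_ALL=C sort -u "$2" > "$base"
    out=$(
        LC_ALL=C comm -23 "$cur" "$base" | sed 's/^/NEW /'
        LC_ALL=C comm -13 "$cur" "$base" | sed 's/^/GONE /'
    )
    rm -f "$cur" "$base"
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed demo tree (not real system paths): one approved setuid file,
# one unapproved one, one ordinary file, and a stale baseline entry.
demo_setid() {
    d=$(mktemp -d) || return 2
    touch "$d/approved" "$d/rogue" "$d/plain"
    chmod 4755 "$d/approved" "$d/rogue"
    chmod 0755 "$d/plain"
    printf '%s\n' "$d/approved" "$d/removed" > "$d/files.secure"
    audit_setid "$d" "$d/files.secure" | sed "s|$d/||"
    rm -rf "$d"
}
demo_setid
```

On a real system, point audit_setid at / with a baseline kept on read-only or off-host media, so that whoever adds a SUID file cannot also edit the list it is checked against.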
- Perl
- RCS or SCCS
- Sysadmin shells (e.g., sysadm, SMIT)
- cu-sudo - A program for giving root access to users on a per-user/per-command basis.
- Swatch - A tool to analyze log files.
- LogSurfer - Another tool to analyze log files
- GNU findutils - A faster version of find, with even faster locate/updatedb.
... and their Frequently Asked Questions (FAQ) files. (See also the Usenet Hypertext FAQ Archive)
Read Usenet news with the "rn", "trn", "nn", or "tin" newsreaders (among others)
- comp.sys.*.admin
- comp.unix.*
- alt.security
- comp.security.*
- comp.lang.*
(Here are some lists to consider)
- Find all the SETUID/SETGID programs on your system. (One solution)
- Find the top ten files (by size) on your system and who owns them. (One solution)
- Find out who the top ten users of disc space are on your system. (One solution)
- Find out the same information, but for each partition. (One solution)
- This essay on email privacy issues may be of interest.
- [advanced] Get the scripts fscheck.setup and fscheck. Edit them (to make sure you have the proper use of the find command) and then run fscheck.setup to create the sum.master and ls.master files. Next, run fscheck to then check your system. See what it reports and notice if any files could allow someone to gain unauthorized access to the root account.
- Get a copy of GNU's gzip program and install it on your system (if you don't have it already -- it is needed to uncompress GNU source archives: Source code for the GNU programs can be found on gatekeeper.dec.com, among other sites).
- Get a copy of perl and install it on your system. (You will need to run the ./Configure script before running make -- Read the README and/or INSTALL files.)